[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-115.4.0esr-13.5-1] fixup! Bug 23247: Communicating security expectations for .onion

Title: GitLab

ma1 pushed to branch tor-browser-115.4.0esr-13.5-1 at The Tor Project / Applications / Tor Browser

Commits:

  • 8627f8e1
    by cypherpunks1 at 2023-11-06T21:22:17+00:00 
    fixup! Bug 23247: Communicating security expectations for .onion

Bug 42231: Improve the network monitor patch for http onion resources

2 changed files:

Changes:

  • devtools/client/netmonitor/src/components/SecurityState.js
    ... ... @@ -41,7 +41,7 @@ class SecurityState extends Component {
    41 41
    42 42 
         const {
    43 43 
           securityState,
    44 
    -      urlDetails: { isLocal },
    44 
    +      urlDetails: { host, isLocal },
    45 45 
         } = item;
    46 46 
         const iconClassList = ["requests-security-state-icon"];
    47 47
    ... ... @@ -50,7 +50,11 @@ class SecurityState extends Component {
    50 50
    51 51 
         // Locally delivered files such as http://localhost and file:// paths
    52 52 
         // are considered to have been delivered securely.
    53 
    -    if (isLocal) {
    53 
    +    if (
    54 
    +      isLocal ||
    55 
    +      (host?.endsWith(".onion") &&
    56 
    +        Services.prefs.getBoolPref("dom.securecontext.allowlist_onions", false))
    57 
    +    ) {
    54 58 
           realSecurityState = "secure";
    55 59 
         }
    56 60

  • devtools/shared/network-observer/NetworkHelper.sys.mjs
    ... ... @@ -596,9 +596,6 @@ export var NetworkHelper = {
    596 596
    597 597 
         // The request did not contain any security info.
    598 598 
         if (!securityInfo) {
    599 
    -      if (httpActivity.hostname && httpActivity.hostname.endsWith(".onion")) {
    600 
    -        info.state = "secure";
    601 
    -      }
    602 599 
           return info;
    603 600 
         }
    604 601
    ... ... @@ -650,11 +647,7 @@ export var NetworkHelper = {
    650 647 
             // schemes other than https and wss are subject to
    651 648 
             // downgrade/etc at the scheme level and should always be
    652 649 
             // considered insecure
    653 
    -        if (httpActivity.hostname && httpActivity.hostname.endsWith(".onion")) {
    654 
    -          info.state = "secure";
    655 
    -        } else {
    656 
    -          info.state = "insecure";
    657 
    -        }
    650 
    +        info.state = "insecure";
    658 651 
           } else if (state & wpl.STATE_IS_SECURE) {
    659 652 
             // The connection is secure if the scheme is sufficient
    660 653 
             info.state = "secure";


    • View it on GitLab.
    You're receiving this email because of your account on gitlab.torproject.org. Manage all notifications · Help 

    _______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits